The Fundamental Concepts of Operating Systems

The Operating System: Features And Structure

The operating system (OS) is structured to protect the computer hardware and allocate it among collaborating software programs and users. When the computer is turned on, the kernel is loaded so users can communicate software needs for using the central processing unit (CPU) to execute processes. Another aspect of allocating resources is instructing the user to wait so the hardware can complete what is requested, and limiting loads, stores, and writes. While the external user uses I/O (input/output) devices to accomplish tasks and stay efficient, the OS efficiently manages records of processes for security and protection.



How The OS Enables Processes For Information Sharing And Exchange

Starting a program by double-clicking it or opening a file begins its execution. The executing instance is known as a process, and it is not a process until the program is loaded into memory. Multiple process states go into preparing a program for the output for user interaction or device management, called jobs. Job processing involves multitasking, such as web surfing, writing a paper in Microsoft Word, or searching through saved file folder locations. A process in execution consists of a text section, current activity, stack, and data section or heap (Silberschatz et al., 2014). The process state describes the execution of different areas where the program runs. The states are new (initiating), running (instructions), waiting, ready, or terminated (completed). The process control block consists of the process state, program counter, CPU registers and scheduling, OS memory system management limitations, accounting of data and process times, and I/O device and file information.


In a single thread, program execution can only process one task after another. With multiple threads, you can search for a URL in the browser and type your paper in Microsoft Word at the same time while you wait for the webpage to load. The OS kernel can only initiate one process at a time. Parallelism and concurrency are the modes of OS threads and processing information by switching to the OS kernel or many user threads connecting to the kernel. User threads may not need to communicate with the kernel until a system call and can process instructions through multiple cores, each with its own program counter (PC) and register. However, user thread assignments are limited to the kernel threads available.

The critical section is important for communication between processes that share a resource: it keeps one process from overwriting the other and limits errors. The requirements for solving critical-section problems are making only one task the sole process, relinquishing the sole process to another, and designating who must wait. The software solution to the critical-section problem is the use of true and false booleans (0 or 1 in machine language) described by Peterson's solution (Silberschatz et al., 2014). One part of Peterson's solution involves using a while true loop mixed with if, elif, or else statements (Python) to define which task is equal to true.
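Peterson's solution for two threads, as an added Python example (not code from the original post or the textbook). It assumes standard CPython, where the global interpreter lock keeps reads and writes in program order; the names run_workers, flag, turn and shared are chosen here for illustration.

```python
import threading
import time

def run_workers(iterations=500, protect=True):
    """Two threads increment a shared counter; returns (counter, violations)."""
    flag = [False, False]  # flag[i]: thread i wants to enter its critical section
    turn = [0]             # which thread must wait if both want to enter
    shared = {"counter": 0, "inside": 0, "violations": 0}

    def worker(i):
        j = 1 - i  # index of the other thread
        for _ in range(iterations):
            if protect:
                # Entry section (Peterson): announce intent, then yield the turn.
                flag[i] = True
                turn[0] = j
                while flag[j] and turn[0] == j:
                    time.sleep(0)  # busy-wait, releasing the GIL so the peer runs
            # Critical section: a read-modify-write that must not interleave.
            shared["inside"] += 1
            if shared["inside"] != 1:
                shared["violations"] += 1  # both threads were inside at once
            snapshot = shared["counter"]
            time.sleep(0)  # force a thread switch in the middle of the update
            shared["counter"] = snapshot + 1
            shared["inside"] -= 1
            if protect:
                flag[i] = False  # exit section: let the waiting thread proceed

    threads = [threading.Thread(target=worker, args=(i,)) for i in (0, 1)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return shared["counter"], shared["violations"]

if __name__ == "__main__":
    print("peterson  :", run_workers(protect=True))
    print("no locking:", run_workers(protect=False))
```

With protect=False the same loop usually loses updates, because the switch forced inside the critical section lets the other thread overwrite the counter with a stale value.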

Controlling And Coordinating Memory

The OS kernel monitors I/O interrupts and page tables for memory management. Memory is updated by CPU processes, the process control (PC) retrieving instructions, loading/storing to registers, and address mapping using binary machine language 0's and 1's and/or bits. These instructions are bound to physical and logical addresses that can be linked dynamically across shared libraries for read-only, read-write, or copy-on-write parent-child copies. The virtual address instructions are not in memory and must be moved to registers before the CPU can execute them. The cache helps speed up memory access because of direct mapping in the main memory, and in a virtual space, they are connected to a physical space using the parent. The child (copy of the parent) has limited access to the parent's physical space because the child can mess up accurate data.

Because the CPU can only access main memory, a virtual address space may never need to use this space or have space allocated by the OS. The main memory the OS allocates is limited, and different pages or frame sizes can surpass what is available using virtual addressing. If the programmer's coding does not consider the OS role in the system, the kernel can trap and terminate application processes for system performance. User programs using virtual addressing do not see the physical address and create pointers for where the information is stored on the disk sectors. 

Files, Mass Storage, And I/O

File systems use secondary storage with master and user file directories (MFD, UFD) in single-level and two-level tree structures for acyclic file sharing. An MFD can be seen on a single user's storage device, and within this structure file names cannot duplicate. An MFD can have multiple UFDs that create tree-like structures of files between different programs and file types like .docx, .pdf, or .txt. According to Silberschatz et al. (2014), tree-structured directories have root directories enabling the creation of subdirectories in UFDs for access to other UFDs using acyclic graphing.


The OS kernel, as a host, supplies the communication between the I/O system calls of software programs to interrupt CPU processes and the retrieval of data from disk memory. These I/O requests are how data is retrieved from secondary disk storage, providing "I/O port memory-mapping, disk address, memory address, and the number of sectors to be transferred" (Silberschatz et al., 2014). Data transfers between the disk's cache and surface, while transfers happen between the disk cache and host controller. Input devices are keyboards, mice, or USB flash drives, and outputs are display monitors and audio speakers. One dual-purpose device, Bluetooth, uses networking capabilities using universal port TCP addresses and handshaking like a typical network exchange. Device drivers enable the I/O management by the kernel's I/O subsystem to run the whole system's processes efficiently through CPU scheduling algorithms like first come, first served (FCFS), shortest seek time first (SSTF), and SCAN. These scheduling algorithms may use one of first-fit (FCFS), best-fit (SSTF), or worst-fit processing algorithms.

Control Mechanisms

Domain-based protection is when a domain is permitted access to objects based on the permissions given to it. The principles given are least privilege and need-to-know, which help protect the system from unauthorized users and minimize security violations (Silberschatz et al., 2014). Domains can be static or dynamic, and if dynamic, they create more security risks on the system because the ordered pairs of access rights need to change.

 

Language-based protection is when the programmer writes protection requirements directly into a program's code to block others from changing it or abusing its privileges when communicating with the kernel. Language-based protection is supported through access matrix access-control mechanisms by 1. defining when and the limits of user processes, 2. specifying what should happen once a resource is requested, and 3. stating which order processes should be allowed (Silberschatz et al., 2014). The access matrix provides a foundation for how to secure the system from external attacks that were permitted by users.
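The access matrix and the dynamic domain switch described in the two paragraphs above, as an added Python example (not code from the original post or the textbook). The domains D_user and D_backup, the object names, the "switch" right as modeled here and the audit list are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class AccessMatrix:
    # cells[(domain, object)] -> set of rights; a missing cell means no access
    cells: dict = field(default_factory=dict)
    audit: list = field(default_factory=list)  # (domain, object, right, allowed)

    def grant(self, domain, obj, *rights):
        self.cells.setdefault((domain, obj), set()).update(rights)

    def allowed(self, domain, obj, right):
        ok = right in self.cells.get((domain, obj), set())
        self.audit.append((domain, obj, right, ok))  # record every decision
        return ok

@dataclass
class Process:
    name: str
    domain: str

    def access(self, matrix, obj, right):
        return matrix.allowed(self.domain, obj, right)

    def switch(self, matrix, target):
        # Dynamic domains: "switch" is itself a right held on the target domain.
        if matrix.allowed(self.domain, target, "switch"):
            self.domain = target
            return True
        return False

def build_matrix():
    """Constructed sample: each domain holds only the rights its task needs."""
    m = AccessMatrix()
    m.grant("D_user", "report.txt", "read", "write")
    m.grant("D_user", "D_backup", "switch")
    m.grant("D_backup", "report.txt", "read")
    m.grant("D_backup", "backup.tar", "write")
    return m

if __name__ == "__main__":
    m, p = build_matrix(), Process("editor", "D_user")
    print(p.access(m, "report.txt", "write"))   # allowed in D_user
    print(p.switch(m, "D_backup"))              # permitted domain switch
    print(p.access(m, "report.txt", "write"))   # denied: D_backup is read-only
    print(p.switch(m, "D_user"))                # denied: no switch right back
    print([e for e in m.audit if not e[3]])     # denied requests in the audit log
```

Every cell that was never granted is a denial, so a process that switches domains gains only the rights written into the new row and loses the rest.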



Security protects the system, networks, and programs by IT programming codes, user policies, and educating users on security best practices. There are biometrics, multifactor authentication, and requirements to update passwords. Password length (eight to 10 keystroke characters) can be updated with security policies that require upper and lowercase letters, numbers, and special characters (Silberschatz et al., 2014). The operating system's meticulous records of who, when, and where the system was accessed are how it helps security improve against threats.


Recommendations


  1. Create secure passwords with 10 mixed characters or more that don't require writing a note (e.g., Every Friday I like to go to a dinner and a movie. Password: EryFd@y1L2din@m0v!). Changing passwords frequently can help protect your identity and stop malicious attacks.
  2. Only open what you currently need. This can help with computer performance and limit the surveillance the system needs to screen for security. It also can help block tag-along virus access to secured areas to which you are given permission. 
  3. Practice integrity. Sometimes, you may hit a key that opens up a side screen of the coding. Close it right away! If someone shares information that is not part of your job title, delete it and kindly remind the violator not to do it again. 
  4. Always check the sender's email and report any phishing. Practice getting to know how your co-workers, friends, and family speak. Any misspelling of simple words, too many .jpeg images, or urgency to commit are usually spam and harmful. Report to spam and delete the email immediately.


Reference:


Silberschatz, A., Galvin, P. B., & Gagne, G. (2014). Operating system concepts essentials (2nd ed.). Retrieved from https://redshelf.com/

